And Just To Verify I Can Reach Them From The Outside

In my continuing saga of playing around with IPv6, I’ve re-confirmed something I knew before…but in a manner that I wanted to see it work.

So I knew from the start that I could actually get to my machines via IPv6 from the outside world. I knew this doing things like traceroutes:

Hop number: 1
Roundtrip times: Timed out.

Hop number: 2
Roundtrip times: Timed out.

Hop number: 3
Roundtrip times: Timed out.

Hop number: 4
Roundtrip times: Timed out.

Hop number: 5
Connected to: et-0-0-43-3.cr2-was1.ip6.gtt.net ( 2001:668:0:3:ffff:0:adcd:27e5 )
Roundtrip times: 20.97 ms
21.007 ms
21.006 ms

Hop number: 6
Connected to: 2001:668:0:2:ffff:0:5995:b532 ( 2001:668:0:2:ffff:0:5995:b532 )
Roundtrip times: 1.791 ms
0.868 ms
0.864 ms

Hop number: 7
Roundtrip times: Timed out.

Hop number: 8
Connected to: tserv2.ash1.he.net ( 2001:470:0:90::2 )
Roundtrip times: 7.679 ms
7.476 ms
8.596 ms

Hop number: 9
Connected to: tunnel585849-pt.tunnel.tserv13.ash1.ipv6.he.net ( 2001:470:7:3c2::2 )
Roundtrip times: 13.394 ms
12.165 ms
9.681 ms

Hop number: 10
Connected to: backdoor.20014708.xyz ( 2001:470:8:3c3:888:1aff:fec0:829d )
Roundtrip times: 10.542 ms
9.642 ms
11.547 ms

Not to mention I was doing things on a machine that would show up when I ran a port-scan on my v6 address. But that’s not to say I had the full satisfaction of connecting to something over v6 and actually using it. So it’s time to talk about my backdoor. (Insert jokes here. Har-har. I really don’t give a shit enough to care what you think of a hastily named machine.)

Originally I set this machine up to perform two purposes: supply a “public” SAMBA share to my network that didn’t have me screwing up the Synology and for sshfs running on a random non-standard port on the public v4 internet. But it also provided a way for me to ssh in to my systems from the outside; because it should be obvious I can just SSH to any other system once inside. But, once again, T-Mobile’s IPv6 native LTE network proved to be a problem; every tower handoff resulted in a drop of the SSH connection. So now it was time to do something similar to what I wanted to do years ago; use the IPv6 tunnel as a way of not breaking a connection to home all the time.

So I set up a DNS and rDNS entry, then spent a little while trying to remember how to syntax the ufw rule so it would route the SSH port for that v6 IP. I still don’t remember what it is…and apparently whatever I wrote on my previous IPv6 post wasn’t 100% right; next time I’ll try to post exactly what worked for me. But the point is after 15 minutes of typing commands and dealing with constant tower handoff disconnects; this is now a ufw rule:

2001:470:8:3c3:888:1aff:fec0:829d 1337 ALLOW FWD   Anywhere (v6)

It worked! I was able to log in to my machine’s SSH; and best of all, NO DISCONNECTS! I rode a good 40 miles and the connection held through multiple tower handoffs.

Last login: Wed Jun 17 10:52:44 2020 from 2607:fb90:18dc:4a91:aee8:37bb:7c89:eebb
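
An added example, not part of the original post: a small Python audit that reads `ufw status` output and lists forward rules that let any source reach a globally routable IPv6 host, which is what the rule above does for port 1337. The sample status text is constructed around the post's rule line; the function name and the regular expression are this example's own.

```python
import ipaddress
import re

# Constructed sample of `ufw status` output. The FWD rule to port 1337 is the
# line from the post; the other two rows are made up for contrast.
SAMPLE_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       192.168.1.0/24
2001:470:8:3c3:888:1aff:fec0:829d 1337 ALLOW FWD   Anywhere (v6)
fd00::10 445               ALLOW FWD   fd00::/64
"""

# A rule row is: destination, action, optional direction (IN/OUT/FWD), source.
RULE_RE = re.compile(
    r"^(?P<to>\S.*?)\s+(?P<action>ALLOW|DENY|REJECT|LIMIT)"
    r"(?:\s+(?P<direction>IN|OUT|FWD))?\s+(?P<src>\S.*)$"
)


def exposed_forwards(status_text):
    """Return (address, port) for each ALLOW FWD rule that accepts any source
    and targets a single globally routable IPv6 address."""
    findings = []
    for line in status_text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m or m["action"] != "ALLOW" or m["direction"] != "FWD":
            continue
        if not m["src"].startswith("Anywhere"):
            continue  # source is restricted to a prefix or host
        parts = m["to"].split()
        try:
            addr = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # destination is a bare port or "Anywhere", not one host
        if addr.version == 6 and addr.is_global:
            port = parts[1] if len(parts) > 1 else "any"
            findings.append((str(addr), port))
    return findings


if __name__ == "__main__":
    for addr, port in exposed_forwards(SAMPLE_STATUS):
        print(f"reachable from any IPv6 source: [{addr}]:{port}")
```

Every host behind a routed IPv6 prefix has a public address, so each rule this reports is a service that the whole v6 internet can connect to.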